MyDevSecOps

From secret stores, time-limited credentials & better backups, to confused deputy problems, JWT tokens & service meshes. @samnewman takes a looks at the state of the art for building secure #microservice architectures. Watch it here: https://buff.ly/2UaOGow pic.twitter.com/T7KdlkR5oO

.@guypod talks to @duncangodfrey, Senior Director of Security & Compliance at @auth0 on #TheSecureDev Podcast about when to make your first security hires. https://buff.ly/3b1ecCs  #DevSecOps #Securitypic.twitter.com/TRkAdsyOED

"One of the things we had to figure out was how to get the developers to care about security." @codemouse on #thesecuredev with @guypodpic.twitter.com/7NPt4HqymL

Did you know the top ten most popular default #Docker images, each contains at least 30 vulnerable system library versions? Check out our previous virtual session where we chatted about this & other findings in the 2019 state of open source security! https://buff.ly/3915bI5 pic.twitter.com/6sLP50TspQ

ICYMI: We are very pleased to share the recorded presentations from @devseccon #London 2019. Head over to https://buff.ly/2ORW70L  to check out all the talks from an amazing event, & join in the conversation about the event in our #Slack community here: https://buff.ly/370qadP pic.twitter.com/1Iig4TVhR8

Are you after some practical guidelines to build more secure software? @manicode covers 10 common security problems, and how to address them. @OWASPTop10 Watch it here: https://buff.ly/318AHkC pic.twitter.com/M3130PfUNm

In ep. 44 of #thesecuredev, @sjmaple asks @guypod to reflect back on the numerous guests he’s had on the show throughout 2019, and the many security lessons and insights shared along the way. https://buff.ly/316d8bY pic.twitter.com/6LekgPOxvT

On our next virtual session @bufrasch shows us how to integrate a WAF with WAF testing automation into a continuous integration (CI) pipeline. Grab your ticket now https://buff.ly/2U2rbOr  Feb 12th 4pm BST / 11am EDT / 8am PDTpic.twitter.com/MrT3ZFj4AJ

Our @SlackHQ community is growing all the time. You’ll be able to ask technical or non-technical questions whenever they arise. It’s also the best place to ask questions during our live events.: https://buff.ly/370qadP  #DevSecOpspic.twitter.com/6FYzf2lnNT

In Ep.37 of #TheSecureDeveloper, @guypod speaks with James Kaplan of @McKinsey. @jmk37 describes his journey into the telecoms industry, & how many longstanding companies must reevaluate security practices when going through a digital transformation https://buff.ly/36EwtlJ pic.twitter.com/Axb58ziv4y

The #CFP for @devseccon Boston, Seattle, London, Tel Aviv and DevSecCon24 are open! We'd love to see some of our community members speaking at this year's events! #DevSecOps #Security https://buff.ly/2LlIlzH pic.twitter.com/0CMTLF4Uen

[VIRTUAL MEET-UP] Join us! - @bufrasch, Architect for @puzzleitc Web Application Firewall - Friend of your DevOps pipeline? https://buff.ly/2U2rbOr  Feb 12th 4pm BST / 11am EDT / 8am PDTpic.twitter.com/jgBYDHNviW

If there was really one thing we can do to truly move the needle, is to figure out "How do we measure security?" Because you can't optimize what you can't measure @guypod on #thesecuredev Listen to the rest of the episode here https://buff.ly/316d8bY pic.twitter.com/gOTPyGjper

If you missed today's session with @JoshCGrossman don't panic you can watch the recorded session here https://www.mydevsecops.io/post/what-s-new-and-exciting-about-the-asvs-4-0 … @OWASP_ASVSpic.twitter.com/AM9EnPgpNq

QUICK!! Only a few hours to sign up for our virtual session with @JoshCGrossman What’s new and exciting about the ASVS 4.0?? https://buff.ly/2RyPx0w  Jan 30th 5pm GMT / 12pm EDT / 9am PDTpic.twitter.com/QOMR1twlWd